local iputils = require("resty.iputils")
local blocked_ips = {
	"127.0.0.1",
	"192.168.64.177",
	"59.42.24.0/22"
}

local headers = ngx.req.get_headers()
local client_ip = headers["X-FORWARDED-FOR"] or headers["X-REAL-IP"]

blocklist = iputils.parse_cidrs(blocked_ips)
if not iputils.ip_in_cidrs(client_ip , blocklist) then
        return ngx.exit(ngx.HTTP_FORBIDDEN)
end
